GXPN試験無料問題集「GIAC Exploit Researcher and Advanced Penetration Tester 認定」

Which two scenarios commonly require packet crafting during a penetration test?
(Choose Two)
Response:

How do DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization) complicate exploitation of Windows stack overflows?
Response:

During a penetration test, you want to exploit a network vulnerability to intercept and modify client traffic. Which method would you use?
Response:

You need to craft and send a custom ICMP echo request packet to test network devices. Which of the following Python/Scapy commands would you use?
Response:

Which two memory protection mechanisms are commonly encountered in Windows stack overflow exploits?
(Choose Two)
Response:

During a penetration test on a Windows system, you identify a potential stack overflow vulnerability. Which technique would you apply to bypass DEP and execute your payload?
Response:

When using the Sulley framework for fuzzing, what is an effective strategy to improve code coverage?
Response:

Which of the following methods are effective for bypassing network segmentation in enterprise environments?
(Choose Two)
Response:

You are trying to exploit a buffer overflow vulnerability on a Linux system with stack canaries and ASLR enabled. Which approach would be most effective in bypassing these protections?
Response:

Which two Windows memory protection mechanisms are commonly bypassed during exploitation?
(Choose Two)
Response:

In Scapy, what function is used to send packets at the network layer?
Response:

How does understanding assembly language benefit a penetration tester working with Linux systems?
Response:

What is a typical use case for the sr1() function in Scapy?
Response:

What is a common method for escaping a restricted Windows environment during client exploitation?
Response:

In a buffer overflow attack, what part of the stack is typically targeted to gain control of execution flow?
Response: